tequilaOS/platform_hardware_interfaces
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Check return from DeleteKey correctly.

Browse source 
DeleteKey may legitimately return ErrorCode::UNIMPLEMENTED rather than
ErrorCode::OK, but the VTS test didn't allow that in all cases.  In many
case the return code was also left unchecked.

Test: adb shell/data/nativetest64/VtsHalKeymasterV3_0TargetTest/VtsHalKeymasterV3_0TargetTest
Bug: 62193967
Change-Id: I19a90a87850675b0700baf7409e57098e0584d54
This commit is contained in:
Shawn Willden 2017-06-01 07:44:27 -06:00
parent fcc6118882
commit 1c69c5fcb8
1 changed files with 25 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
View file

@ -374,7 +374,7 @@ class KeymasterHidlTest : public ::testing::VtsHalHidlTargetTestBase {
public:
void TearDown() override {
if (key_blob_.size()) {
EXPECT_EQ(ErrorCode::OK, DeleteKey());
CheckedDeleteKey();
}
AbortIfNeeded();
}
@ -505,6 +505,13 @@ class KeymasterHidlTest : public ::testing::VtsHalHidlTargetTestBase {
return error;
}
void CheckedDeleteKey(HidlBuf* key_blob, bool keep_key_blob = false) {
auto rc = DeleteKey(key_blob, keep_key_blob);
EXPECT_TRUE(rc == ErrorCode::OK || rc == ErrorCode::UNIMPLEMENTED);
}
void CheckedDeleteKey() { CheckedDeleteKey(&key_blob_); }
ErrorCode GetCharacteristics(const HidlBuf& key_blob, const HidlBuf& client_id,
const HidlBuf& app_data, KeyCharacteristics* key_characteristics) {
ErrorCode error;
@ -718,7 +725,7 @@ class KeymasterHidlTest : public ::testing::VtsHalHidlTargetTestBase {
KeyFormat::RAW, key));
string signature = MacMessage(message, digest, expected_mac.size() * 8);
EXPECT_EQ(expected_mac, signature) << "Test vector didn't match for digest " << (int)digest;
DeleteKey();
CheckedDeleteKey();
}
void CheckAesCtrTestVector(const string& key, const string& nonce, const string& message,
@ -1067,7 +1074,7 @@ TEST_F(NewKeyGenerationTest, Rsa) {
EXPECT_TRUE(crypto_params.Contains(TAG_KEY_SIZE, key_size));
EXPECT_TRUE(crypto_params.Contains(TAG_RSA_PUBLIC_EXPONENT, 3));
EXPECT_EQ(ErrorCode::OK, DeleteKey(&key_blob));
CheckedDeleteKey(&key_blob);
}
}
@ -1112,7 +1119,7 @@ TEST_F(NewKeyGenerationTest, Ecdsa) {
EXPECT_TRUE(crypto_params.Contains(TAG_ALGORITHM, Algorithm::EC));
EXPECT_TRUE(crypto_params.Contains(TAG_KEY_SIZE, key_size));
EXPECT_EQ(ErrorCode::OK, DeleteKey(&key_blob));
CheckedDeleteKey(&key_blob);
}
}
@ -1161,7 +1168,7 @@ TEST_F(NewKeyGenerationTest, EcdsaAllValidSizes) {
EXPECT_EQ(ErrorCode::OK,
GenerateKey(AuthorizationSetBuilder().EcdsaSigningKey(size).Digest(Digest::NONE)))
<< "Failed to generate size: " << size;
DeleteKey();
CheckedDeleteKey();
}
}
@ -1177,7 +1184,7 @@ TEST_F(NewKeyGenerationTest, EcdsaAllValidCurves) {
ErrorCode::OK,
GenerateKey(AuthorizationSetBuilder().EcdsaSigningKey(curve).Digest(Digest::SHA_2_512)))
<< "Failed to generate key on curve: " << curve;
DeleteKey();
CheckedDeleteKey();
}
}
@ -1227,7 +1234,7 @@ TEST_F(NewKeyGenerationTest, Hmac) {
EXPECT_TRUE(softwareEnforced.Contains(TAG_KEY_SIZE, key_size));
}
EXPECT_EQ(ErrorCode::OK, DeleteKey(&key_blob));
CheckedDeleteKey(&key_blob);
}
}
@ -1255,7 +1262,7 @@ TEST_F(NewKeyGenerationTest, HmacCheckKeySizes) {
.HmacKey(key_size)
.Digest(Digest::SHA_2_256)
.Authorization(TAG_MIN_MAC_LENGTH, 256)));
DeleteKey();
CheckedDeleteKey();
}
}
}
@ -1287,7 +1294,7 @@ TEST_F(NewKeyGenerationTest, HmacCheckMinMacLengths) {
.HmacKey(128)
.Digest(Digest::SHA_2_256)
.Authorization(TAG_MIN_MAC_LENGTH, min_mac_length)));
DeleteKey();
CheckedDeleteKey();
}
}
}
@ -1677,7 +1684,7 @@ TEST_F(SigningOperationsTest, EcdsaAllSizesAndHashes) {
string message(1024, 'a');
if (digest == Digest::NONE) message.resize(key_size / 8);
SignMessage(message, AuthorizationSetBuilder().Digest(digest));
DeleteKey();
CheckedDeleteKey();
}
}
}
@ -1698,7 +1705,7 @@ TEST_F(SigningOperationsTest, EcdsaAllCurves) {
string message(1024, 'a');
SignMessage(message, AuthorizationSetBuilder().Digest(Digest::SHA_2_256));
DeleteKey();
CheckedDeleteKey();
}
}
@ -1759,7 +1766,7 @@ TEST_F(SigningOperationsTest, HmacAllDigests) {
string signature = MacMessage(message, digest, 160);
EXPECT_EQ(160U / 8U, signature.size())
<< "Failed to sign with HMAC key with digest " << digest;
DeleteKey();
CheckedDeleteKey();
}
}
@ -2146,7 +2153,8 @@ TEST_F(VerificationOperationsTest, EcdsaAllDigestsAndCurves) {
<< curve << ' ' << digest;
}
ASSERT_EQ(ErrorCode::OK, DeleteKey());
auto rc = DeleteKey();
ASSERT_TRUE(rc == ErrorCode::OK || rc == ErrorCode::UNIMPLEMENTED);
}
}
@ -2192,8 +2200,8 @@ TEST_F(VerificationOperationsTest, HmacSigningKeyCannotVerify) {
VerifyMessage(verification_key, message, signature,
AuthorizationSetBuilder().Digest(Digest::SHA1));
EXPECT_EQ(ErrorCode::OK, DeleteKey(&signing_key));
EXPECT_EQ(ErrorCode::OK, DeleteKey(&verification_key));
CheckedDeleteKey(&signing_key);
CheckedDeleteKey(&verification_key);
}
typedef KeymasterHidlTest ExportKeyTest;
@ -3441,14 +3449,14 @@ TEST_F(EncryptionOperationsTest, AesGcmCorruptKey) {
string key = make_string(key_bytes);
ASSERT_EQ(ErrorCode::OK, ImportKey(import_params, KeyFormat::RAW, key));
string plaintext = DecryptMessage(ciphertext, params);
EXPECT_EQ(ErrorCode::OK, DeleteKey());
CheckedDeleteKey();
// Corrupt key and attempt to decrypt
key[0] = 0;
ASSERT_EQ(ErrorCode::OK, ImportKey(import_params, KeyFormat::RAW, key));
EXPECT_EQ(ErrorCode::OK, Begin(KeyPurpose::DECRYPT, params));
EXPECT_EQ(ErrorCode::VERIFICATION_FAILED, Finish(ciphertext, &plaintext));
EXPECT_EQ(ErrorCode::OK, DeleteKey());
CheckedDeleteKey();
}
/*